Home
Install
User Guides
Administration
Setup
Infrastructure
Users
Templates
External Provisioners
External Auth
Integrations
Prometheus
Kubernetes Logging
Additional Kubernetes Clusters
JFrog Artifactory
JFrog Xray
Island Secure Browser
Hashicorp Vault
Networking
Monitoring
Security
Licensing
Contributing
Tutorials
Reference
Home
/
Administration
/
Integrations
/
Hashicorp Vault

Hashicorp Vault

August 05, 2024

This guide describes the process of integrating HashiCorp Vault into Coder workspaces.

Coder makes it easy to integrate HashiCorp Vault with your workspaces by providing official Terraform modules to integrate Vault with Coder. This guide will show you how to use these modules to integrate HashiCorp Vault with Coder.

The vault-github module

The vault-github module is a Terraform module that allows you to authenticate with Vault using a GitHub token. This module uses the existing GitHub external authentication to get the token and authenticate with Vault.

To use this module, add the following code to your Terraform configuration.

module "vault" {
  source               = "registry.coder.com/modules/vault-github/coder"
  version              = "1.0.7"
  agent_id             = coder_agent.example.id
  vault_addr           = "https://vault.example.com"
  coder_github_auth_id = "my-github-auth-id"
}

This module installs and authenticates the vault CLI in your Coder workspace.

Users then can use the vault CLI to interact with Vault; for example, to fetch a secret stored in the KV backend.

vault kv get -namespace=YOUR_NAMESPACE -mount=MOUNT_NAME SECRET_NAME
See an opportunity to improve our docs? Make an edit.